package com.baorant.resouceserverapplication.adapter;

import org.springframework.context.annotation.Configuration;
import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;
import org.springframework.security.oauth2.config.annotation.web.configurers.ResourceServerSecurityConfigurer;
import org.springframework.security.oauth2.provider.token.RemoteTokenServices;

@Configuration
public class Oauth2ResourceServerConfiguration extends ResourceServerConfigurerAdapter {
    // 验证token的url
    private static final String URL = "http://192.168.56.101:3333/oauth/check_token";

    // 设置资源服务的配置信息
    @Override
    public void configure(ResourceServerSecurityConfigurer resources) throws Exception {


//			设置验证Token的方法，即使用test和123456的客户端身份去URL验证token
        RemoteTokenServices tokenService = new RemoteTokenServices();

        tokenService.setCheckTokenEndpointUrl(URL);
        tokenService.setClientId("test");
        tokenService.setClientSecret("123456");

        resources.tokenServices(tokenService);
        // 设置当前资源服务器的resource_id为hello，注意当前Clientid是否拥有对resourceId的访问权限。
        resources.resourceId("hello").stateless(true);
    }
}

